<?php
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.

require_once("{$GLOBALS['srcdir']}/sql.inc");
require_once("$srcdir/classes/postmaster.php");

// 06-2009, BM migrated the patient_note_types array to the list_options table

function getPnoteById($id, $cols = "*")
{
  return sqlQuery("SELECT $cols FROM pnotes WHERE id=? " .
    " AND deleted != 1 ". // exclude ALL deleted notes
    "order by date DESC limit 0,1", array($id) );
}

function validEmail($email){
    if(eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $email)) {
    return true;
    }
    return false;
}

function mail_notification($assigned_to){
	$userData = sqlQuery("SELECT * FROM `users` WHERE `username`=?", array($assigned_to) );
    //if ( $patientData['hipaa_allowemail'] != "YES" || empty($patientData['email']) || empty($GLOBALS['patient_reminder_sender_email'])  ) {
    //    return false;
    //}
    if (!(validEmail($userData['email']))) { 
        return false;
    }
    //if (!(validEmail($GLOBALS['patient_reminder_sender_email']))) {
    //    return false;
    //}
    
	$message= ' '
	.'<p>'
	.' Estimado ' . $userData['fname'] . ' ' . $userData['lname'] . ': '
	.'</p>'
	.'<p>';   
	
	$message = 'Le informamos que tiene un nuevo mensaje en el expediente de salud a un click. Puede revisarlo <a href="https://expediente.saludaunclic.com/">aqu�.</a>';
	
	$message.= '</p>';
	
    
    $mail = new MyMailer();
    $pt_name=$userData['fname'].' '.$userData['lname'];
    $pt_email=$userData['email'];
    $email_subject=xl('Access Your Patient Portal');
    $email_sender=$GLOBALS['patient_reminder_sender_email'];
    $mail->AddReplyTo($email_sender, $email_sender);
    $mail->SetFrom($email_sender, $email_sender);
    $mail->AddAddress($pt_email, $pt_name);
    $mail->Subject = $email_subject;
    $mail->MsgHTML("<html><body><div class='wrapper'>".$message."</div></body></html>");
    $mail->IsHTML(true);
    $mail->AltBody = $message;
				    
    if ($mail->Send()) {
        return true;
    } else {
        $email_status = $mail->ErrorInfo;
        error_log("EMAIL ERROR: ".$email_status,0);
        return false;
	}
}

// activity can be 0, 1, or 'all'
function getPnotesByUser($activity="1",$show_all="no",$user='',$count=false,$sortby='',$sortorder='',$begin='',$listnumber='')
{

  // Set the activity part of query
  if ($activity=='1') {
    $activity_query = " pnotes.message_status != 'Done' AND pnotes.activity = 1 AND ";
  }
  else if ($activity=='0') {
    $activity_query = " (pnotes.message_status = 'Done' OR pnotes.activity = 0) AND ";
  }
  else { //$activity=='all'
    $activity_query = " ";
  }

  // Set whether to show chosen user or all users
  if ($show_all == 'yes' ) {
    $usrvar='_%';
  } else {
    $usrvar=$user;
  } 

  // run the query
  $sql = "SELECT pnotes.id, pnotes.user, pnotes.pid, lo.title, pnotes.date, lo2.title message_status,
          IF(pnotes.user != pnotes.pid,users.fname,patient_data.fname) as users_fname,
          IF(pnotes.user != pnotes.pid,users.lname,patient_data.lname) as users_lname,
          patient_data.fname as patient_data_fname, patient_data.lname as patient_data_lname
          FROM ((pnotes LEFT JOIN users ON pnotes.user = users.username)
          JOIN patient_data ON pnotes.pid = patient_data.pid) inner join list_options lo on (pnotes.title = lo.option_id) inner join list_options lo2 on (pnotes.message_status = lo2.option_id) WHERE $activity_query
          pnotes.deleted != '1' AND lo.list_id = 'note_type' AND lo2.list_id = 'message_status' AND pnotes.assigned_to LIKE ?";
  if (!empty($sortby) || !empty($sortorder)  || !empty($begin) || !empty($listnumber)) {
    $sql .= " order by ".add_escape_custom($sortby)." ".add_escape_custom($sortorder).
           " limit ".add_escape_custom($begin).", ".add_escape_custom($listnumber);
  }
  
  //die($sql);
  
  $result = sqlStatement($sql, array($usrvar));

  // return the results
  if ($count) {
    if(sqlNumRows($result) != 0) {
        $total = sqlNumRows($result);
    }
    else {
        $total = 0;
    }
    return $total;
  }
  else {
    return $result;
  }
}


function getPnotesByDate($date, $activity = "1", $cols = "*", $pid = "%",
  $limit = "all", $start = 0, $username = '', $docid = 0, $status = "")
{
$sqlParameterArray = array();
  if ($docid) {
    $sql = "SELECT $cols FROM pnotes AS p, gprelations AS r " .
    "WHERE p.date LIKE ? AND r.type1 = 1 AND " .
    "r.id1 = ? AND r.type2 = 6 AND p.id = r.id2 AND p.pid != p.user";
    array_push($sqlParameterArray, '%'.$date.'%', $docid);
  }
  else {
    $sql = "SELECT $cols FROM pnotes AS p " .
      "WHERE date LIKE ? AND pid LIKE ? AND p.pid != p.user";
    array_push($sqlParameterArray, '%'.$date.'%', $pid);
  }
  $sql .= " AND deleted != 1"; // exclude ALL deleted notes
  if ($activity != "all") {
    if ($activity == '0') {
      // only return inactive
      $sql .= " AND (activity = '0' OR message_status = 'Done') ";
    }
    else { // $activity == '1'
      // only return active
      $sql .= " AND activity = '1' AND message_status != 'Done' ";
    }
  }
  if ($username) {
    $sql .= " AND assigned_to LIKE ?";
    array_push($sqlParameterArray, $username);
  }
  if ($status)
    $sql .= " AND message_status IN ('".str_replace(",", "','", $status)."')";
  $sql .= " ORDER BY date DESC";
  if($limit != "all")
    $sql .= " LIMIT $start, $limit";

  $res = sqlStatement($sql, $sqlParameterArray);

  $all=array();
  for ($iter = 0;$row = sqlFetchArray($res);$iter++)
    $all[$iter] = $row;
  return $all;
}

// activity can only be 0, 1, or 'all
function getSentPnotesByDate($date, $activity = "1", $cols = "*", $pid = "%",
  $limit = "all", $start = 0, $username = '', $docid = 0, $status = "")
{
$sqlParameterArray = array();
  if ($docid) {
    $sql = "SELECT $cols FROM pnotes AS p, gprelations AS r " .
    "WHERE p.date LIKE ? AND r.type1 = 1 AND " .
    "r.id1 = ? AND r.type2 = 6 AND p.id = r.id2 AND p.pid = p.user";
    array_push($sqlParameterArray, '%'.$date.'%', $docid);
  }
  else {
    $sql = "SELECT $cols FROM pnotes AS p " .
      "WHERE date LIKE ? AND pid LIKE ? AND p.pid = p.user";
    array_push($sqlParameterArray, '%'.$date.'%', $pid);
  }
  $sql .= " AND deleted != 1"; // exclude ALL deleted notes
  if ($activity != "all") {
    if ($activity == '0') {
      // only return inactive
      $sql .= " AND (activity = '0' OR message_status = 'Done') ";
    }
    else { // $activity == '1'
      // only return active
      $sql .= " AND activity = '1' AND message_status != 'Done' ";
    }
  }
  if ($username) {
    $sql .= " AND assigned_to LIKE ?";
    array_push($sqlParameterArray, $username);
  }
  if ($status)
    $sql .= " AND message_status IN ('".str_replace(",", "','", $status)."')";
  $sql .= " ORDER BY date DESC";
  if($limit != "all")
    $sql .= " LIMIT $start, $limit";

  $res = sqlStatement($sql, $sqlParameterArray);

  $all=array();
  for ($iter = 0;$row = sqlFetchArray($res);$iter++)
    $all[$iter] = $row;
  return $all;
}

function getPatientNotes($pid = '', $limit = '', $offset = 0, $search = '')
{
  if($limit){
    $limit = "LIMIT $offset, $limit";
  }
  $sql = "
    SELECT
      p.id,
      p.date,
      p.user,
      p.title,
      REPLACE(
        p.body,
        '-patient-',
        CONCAT(pd.fname, ' ', pd.lname)
      ) AS body,
      p.message_status,
      'Message' as `type`
    FROM
      pnotes AS p 
      LEFT JOIN patient_data AS pd 
        ON pd.id = p.pid 
    WHERE assigned_to = '-patient-' 
      AND p.deleted != 1 
      AND p.pid = ?
      $search
    ORDER BY `date` desc
    $limit
  ";
  $res = sqlStatement($sql, array($pid));
  for($iter = 0;$row = sqlFetchArray($res);$iter++){
    $all[$iter] = $row;
  }
  return $all;
}

function getPatientNotifications($pid = '', $limit = '', $offset = 0, $search = '')
{
  if($limit){
    $limit = "LIMIT $offset, $limit";
  }
  $sql = "
    SELECT
      pr.id,
      date_created AS `date`,
      'Patient Reminders' AS `user`,
      due_status AS title,
      CONCAT(lo.title, ':', lo2.title) AS body,
      '' as message_status,
      'Notification' as `type`
    FROM
      patient_reminders AS pr 
      LEFT JOIN list_options AS lo 
        ON lo.option_id = pr.category 
        AND lo.list_id = 'rule_action_category' 
      LEFT JOIN list_options AS lo2 
        ON lo2.option_id = pr.item 
        AND lo2.list_id = 'rule_action' 
    WHERE pid = ?
      AND active = 1
      AND date_created > DATE_SUB(NOW(), INTERVAL 1 MONTH)
      $search
    ORDER BY `date` desc
    $limit
  ";
  $res = sqlStatement($sql, array($pid));
  for($iter = 0;$row = sqlFetchArray($res);$iter++){
    $all[$iter] = $row;
  }
  return $all;
}

function getPatientSentNotes($pid = '', $limit = '', $offset = 0, $search = '')
{
  if($limit){
    $limit = "LIMIT $offset, $limit";
  }
  $sql = "
    SELECT
      p.id,
      p.date,
      p.assigned_to,
      p.title,
      REPLACE(
        p.body,
        '-patient-',
        CONCAT(pd.lname, ' ', pd.fname)
      ) AS body,
      p.activity,
      p.message_status,
      'Message' as `type`
    FROM
      pnotes AS p 
      LEFT JOIN patient_data AS pd 
        ON pd.id = p.pid 
    WHERE `user` = ?
      AND p.deleted != 1 
      AND p.pid = ?
      AND p.message_status != 'Done'
      $search
    ORDER BY `date` desc
    $limit
  ";
  $res = sqlStatement($sql, array($pid,$pid));
  for($iter = 0;$row = sqlFetchArray($res);$iter++){
    $all[$iter] = $row;
  }
  return $all;
}

// activity can be 0, 1, or 'all'
function getPnotesByPid ($pid, $activity = "1", $cols = "*", $limit=10, $start=0)
{
 if ($activity == '1') {
  // return only active
  $res = sqlStatement("SELECT $cols FROM pnotes WHERE pid LIKE ? " .
    "AND activity = '1' ".
    " AND message_status != 'Done' ".
    " AND deleted != 1 ".
    " ORDER BY date DESC LIMIT $start,$limit", array($pid) );
 }
 else if ($activity == '0') {
  // return only inactive
  $res = sqlStatement("SELECT $cols FROM pnotes WHERE pid LIKE ? " .
    "AND (activity = '0' ".
    " OR message_status = 'Done') ".
    " AND deleted != 1 ".
    " ORDER BY date DESC LIMIT $start,$limit", array($pid) );
 }
 else { // $activity == "all"
  // return both active and inactive
  $res = sqlStatement("SELECT $cols FROM pnotes WHERE pid LIKE ? " .
    " AND deleted != 1 ".
    " ORDER BY date DESC LIMIT $start,$limit", array($pid) );
 }
  for ($iter = 0; $row = sqlFetchArray($res); $iter++)
    $all[$iter] = $row;
  return $all;
}

function addPnote($pid, $newtext, $authorized = '0', $activity = '1',
  $title='Unassigned', $assigned_to = '', $datetime = '', $message_status = "New")
{
  if (empty($datetime)) $datetime = date('Y-m-d H:i:s');

  // make inactive if set as Done
  if ($message_status == "Done") $activity = 0;

  $body = date('Y-m-d H:i') . ' (' . $_SESSION['authUser'];
  if ($assigned_to) $body .= " to $assigned_to";
  $body = $body . ') ' . $newtext;

  $sql = "INSERT INTO pnotes (date, body, pid, user, groupname, " .
  "authorized, activity, title, assigned_to, message_status) VALUES ('$datetime', '$body', $pid, '".$_SESSION['authUser']."', '".$_SESSION['authProvider']."', '$authorized', '$activity', '$title', '$assigned_to', '$message_status')";

    //Insert into bitacora
    off_sync($sql);
  
  return sqlInsert($sql);
}

function addMailboxPnote($pid, $newtext, $authorized = '0', $activity = '1',
  $title='Unassigned', $assigned_to = '', $datetime = '', $message_status = "New")
{
  if (empty($datetime)) $datetime = date('Y-m-d H:i:s');

  // make inactive if set as Done
  if ($message_status == "Done") $activity = 0;

  $body = date('Y-m-d H:i') . ' (' . $pid;
  if ($assigned_to) $body .= " to $assigned_to";
  $body = $body . ') ' . $newtext;

  return sqlInsert("INSERT INTO pnotes (date, body, pid, user, groupname, " .
    "authorized, activity, title, assigned_to, message_status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
    array($datetime, $body, $pid, $pid, 'Default', $authorized, $activity, $title, $assigned_to, $message_status) );
}

function updatePnote($id, $newtext, $title, $assigned_to, $message_status = "")
{
  $row = getPnoteById($id);
  if (! $row) die("updatePnote() did not find id '$id'");
  $activity = $assigned_to ? '1' : '0';

  // make inactive if set as Done
  if ($message_status == "Done") $activity = 0;

  $body = $row['body'] . "\n" . date('Y-m-d H:i') .
    ' (' . $_SESSION['authUser'];
  if ($assigned_to) $body .= " to $assigned_to";
  $body = $body . ') ' . $newtext;

  if ($message_status) {
      $sql = "UPDATE pnotes SET " .
      "body = $body, activity = $activity, title= $title, " .
      "assigned_to = $assigned_to, message_status = $message_status WHERE id = $id";
      
    //Insert into bitacora
    off_sync($sql);
      
    sqlStatement($sql);
  }
  else {

      $sql = "UPDATE pnotes SET " .
      "body = $body, activity = $activity, title= $title, " .
      "assigned_to = $assigned_to WHERE id = $id";
      
    
      
    sqlStatement($sql);
  }
}

function updatePnoteMessageStatus($id, $message_status)
{
  if ($message_status == "Done") {
    sqlStatement("update pnotes set message_status = ?, activity = '0' where id = ?", array($message_status, $id) );
  }
  else {
    sqlStatement("update pnotes set message_status = ?, activity = '1' where id = ?", array($message_status, $id) );
  }
}

function authorizePnote($id, $authorized = "1")
{
  sqlQuery("UPDATE pnotes SET authorized = ? WHERE id = ?", array ($authorized,$id) );
}

function disappearPnote($id)
{
  sqlStatement("UPDATE pnotes SET activity = '0', message_status = 'Done' WHERE id=?", array($id) );
  return true;
}

function reappearPnote ($id)
{
  sqlStatement("UPDATE pnotes SET activity = '1', message_status = IF(message_status='Done','New',message_status) WHERE id=?", array($id) );
  return true;
}

function deletePnote($id)
{
  $sql = "UPDATE pnotes SET deleted = '1' WHERE id=$id";
  sqlStatement(sql);
  
    //Insert into bitacora
    off_sync($sql);
  
  return true;
}
?>
